Exchange Password Exchange

Hi,

A client has had their laptop stolen, we have reset the password on the active directory so the exchange will not sync up if the laptop is powered on.

After resetting the password this morning the user can still receive emails on their Android mobile, how is this possible when the password has been changed and they havent entered the new email password on phone?

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

if the user power cycles the phone, does it still automatically connect?

ryank85Author Commented: 2015-06-08

The user will not power the phone on and off as he wants to see if the phone will force the password update, he is concerned that if the phone was stolen would they still be able to send and receive emails.

This is a flaw in the Exchange Security. OWA/Outlook will continue to work (even after the password has changed). As long as the client does not close the conneciton to OWA or Outlook the communication is already present and it will not prompt for a password, and continue to work.

However for ActiveSync what you can do is the following...
- send a remote wipe to the device (that was stolen)
- Disable and Re-Enable the users mailbox within Exchange

Disabling the Mailbox and Re-Enabling it would disconnect all sessions to OWA and Outlook as well so sometimes this might be required to ensure that there are no OPEN connecitons to the mailbox.

Will.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Managing Active Directory does not always have to be complicated. If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Disconnecting the mailbox removes the Exchange Attributes for the Active Directory Account. This does not damage the mailbox in anyway. You would then go into Disconnected Mailboxes and reconnect the Mailbox to Active Direcotry Account.